Scottsdale 2013

SANS Technology Institute Master's Presentation

Incident Response in the Healthcare Cloud: Matching Policy with Data

Barbara Filkins

Monday, February 18th, 7:30pm - 8:10pm

Summary

Privacy has been, and will remain, a leading business driver for healthcare security. The sharing of sensitive patient records is protected by regulatory, jurisdictional, and organizational policies, and by individual patient consent, all of which articulate the set of business rules by which protected healthcare information is shared, disclosures are tracked, and breaches are recognized.

Cloud computing adds new challenges to how security reinforces privacy. In the absence of explicit control over the physical infrastructure, the security architecture must focus on protecting the data itself according to the appropriate business rules. In this environment, an understanding of how policies shape the behavior around access, use, and release of sensitive data is needed to effectively monitor for incidents and proactively avoid potential breaches.

This presentation summarizes the challenges of matching data and policy in the healthcare cloud and presents a reference architecture, based on standards and realizable with current technology, that enables enforceable policies around sensitive data; those policies, in turn, can be supported by incident response procedures.

Barbara Filkins has done extensive work in system procurement, vendor selection and vendor negotiations in her career as a systems engineering and infrastructure design consultant. Based in Southern California, she sees security as a process that she calls "policy, process, platforms, pipes AND people." Most recently, she has been involved with HIPAA security issues in the health and human services industry, with clients from federal agencies (DoD and VA), municipalities and commercial businesses. Her interest in information security comes from its impact on all aspects of the system lifecycle, as well as its relation to many of the issues faced by a modern society dependent on automation: privacy, identity theft, exposure to fraud and the legal aspects of enforcing information security. She holds the SANS GSEC (Gold) and GCIH (Gold) and is currently pursuing her Master of Science degree from the SANS Technology Institute.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.

Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.